EP2458776A1 - Method and system for protecting a cryptography device (Verfahren und System zum Schutz einer Kryptografie-Vorrichtung) - Google Patents

Info

Publication number: EP2458776A1
Authority: EP (European Patent Office)
Prior art keywords: homomorphism, data, cryptographic, application, operations
Legal status: Ceased
Application number: EP11306571A
Other languages: English (en), French (fr)
Inventor: M. Michaël Adjedj
Current assignee: Verimatrix France SAS
Original assignee: Logiways France
Priority date: 2010-11-30
Filing date: 2011-11-28
Publication date: 2012-05-30

Classifications

    • H ELECTRICITY › H04 ELECTRIC COMMUNICATION TECHNIQUE › H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION › H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols › H04L9/002 Countermeasures against attacks on cryptographic mechanisms › H04L9/003 Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
    • H ELECTRICITY › H04 ELECTRIC COMMUNICATION TECHNIQUE › H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION › H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols › H04L9/008 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • H ELECTRICITY › H04 ELECTRIC COMMUNICATION TECHNIQUE › H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION › H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00 › H04L2209/12 Details relating to cryptographic hardware or logic circuitry

Definitions

  • The present invention relates to a method of protecting a cryptographic circuit against attacks aimed at discovering secret data used while the circuit executes a cryptographic algorithm comprising the application of at least one cryptographic operation to data, said data belonging to a first mathematical structure having at least a group structure and provided with at least one internal composition law.
  • Cryptography is intended to allow two entities to communicate securely over an insecure communication channel, that is, one likely to be eavesdropped on by a third entity, hereinafter called the "adversary".
  • Cryptography makes it possible in particular to protect the confidentiality of information, by encrypting it and by the dual operation, decryption, or to protect only the authenticity of information, by signature and signature-verification operations.
  • Cryptographic protection of a given message is generally implemented by a microcircuit, by applying one or more mathematical operations to the message; these operations are functions of a key, called the secret key in symmetric cryptography and the public or private key in asymmetric cryptography.
  • Such a protection method is however liable to be attacked by an adversary seeking to access the content of the message or the key itself.
  • The standard adversary model, which is at the origin of the use of cryptography to protect communications, is one in which the adversary is only an observer, passive and/or active, acting via the transmission channel. In this model the adversary can access all communications and interrupt or modify them.
  • Microcircuit devices implementing cryptographic algorithms are, however, sometimes the target of attacks aimed at determining the secret data they manipulate, such as the key(s) used and, in some cases, information about the messages themselves.
  • SPA (Simple Power Analysis) or DPA (Differential Power Analysis) attacks consist in measuring the power consumption generated by a cryptographic computation, for example the currents and voltages entering and leaving the microcircuit while the cryptographic algorithm executes, and in deducing from these currents or voltages the operations carried out, or even the key used.
  • Measuring the electromagnetic field generated by the electric current during a cryptographic computation gives rise to electromagnetic attacks of the EMA (ElectroMagnetic Attack) type, which are identical in principle to power-consumption attacks.
  • Timing attacks make it possible to recover the key(s) used during a cryptographic computation from simple measurements of execution time, that is, from analysis of the duration of the mathematical operations of the computation, a duration which can depend on the values of the data.
  • The object of the invention is therefore to provide a cryptographic protection method offering increased resistance to attacks of the aforementioned types.
  • The subject of the invention is also a device for protecting a cryptography circuit against attacks aimed at discovering a secret data item used while the circuit executes a cryptographic algorithm comprising the application of at least one cryptographic operation to data, said data belonging to a first mathematical structure having at least a group structure and provided with at least one internal composition law, characterized in that it comprises means for applying to said data at least a first invertible homomorphism, compatible with said internal composition law, before the application of said cryptographic operation, and at least a second homomorphism, the inverse of the first, after the application of said cryptographic operation.
  • FIG. 1 shows a protection device 1 according to one embodiment of the invention.
  • The device 1 comprises a processor 3 and a memory 5, connected so as to exchange data such as a security key or the data to be processed.
  • The memory 5 is suitable for storing data and comprises a secure memory space 7, able to store securely, in particular, the security key(s) and/or the data to be encrypted or decrypted, at least temporarily.
  • The processor 3 comprises an algorithmic cryptography application 9, able to apply a cryptographic algorithm such as encryption or decryption to data to be protected or already protected, and means 11 for protecting the algorithmic application 9.
  • The microprocessor 3 is thus able to apply a cryptographic algorithm to a message and to implement a method of protecting this algorithm so as to prevent an adversary from detecting the key and/or the data.
  • Execution of this cryptographic algorithm comprises a plurality of mathematical operations O_i, also called cryptographic operations, applied successively to the initial data and then to the data obtained as the result of each of these operations. Notation: O_i denotes the mathematical operations, D_0 the initial data and D_n the data obtained at the end of the encryption algorithm.
  • The operations O_i, which depend on the security key, denoted K, are for example chosen from basic operations such as addition, subtraction, multiplication and division, any operation derived from these basic operations, such as exponentiation or evaluation of a polynomial, or binary operations such as exclusive-or (XOR) or the AND function.
  • Encrypting the data D_0, and more generally executing the algorithm, comprises a plurality of protected mathematical operations OP_i whose results are identical to the results of the operations O_i but which are protected against attacks such as side-channel attacks.
  • The protection of each mathematical operation, and more generally of the entire cryptographic algorithm, is based on applying to the data, advantageously before each operation, a first group morphism, or homomorphism, that is invertible and chosen at random, and on applying, advantageously after each operation, the inverse homomorphism of the first.
  • A protected operation OP_i comprises a step 20 of applying a first homomorphism, denoted M_i, to the initial data D_0 or to the data D_{i-1} resulting from the protected operation OP_{i-1}. Then, in a step 22, the operation O_i, which depends on the key K, is applied to the result M_i(D_{i-1}) obtained at the end of step 20. Finally, in a step 24, a second homomorphism, denoted M_i^{-1}, the inverse of the first morphism M_i, is applied to the result of the operation O_i.
  • A group is an algebraic structure defined as a set E of elements provided with at least one internal composition law, generally written additively (+_E) or multiplicatively (×_E). Every element of the group has an inverse for the internal composition law.
  • The set includes a neutral element, denoted 0_E when the law is written additively or 1_E when it is written multiplicatively.
  • A set is a ring if it has two internal composition laws, generally denoted +_E and ×_E respectively, such that (E, +_E) is a group.
  • The ring E is, for example, a field.
  • A ring morphism thus preserves all the usual operations, such as addition and multiplication, but also operations derived from them, such as exponentiation or composition with a polynomial, and their inverse operations (subtraction, or inversion of invertible elements).
  • The term homomorphism also covers any morphism possessing, in addition to the properties of a group morphism, further properties, in particular ring morphisms, algebra morphisms and field morphisms.
  • A morphism of algebras preserves, besides the two internal composition laws, a so-called external law, for example multiplication by an element of a field different from the algebra in question.
  • In one embodiment, the data D_i are elements of a ring E provided with an addition and a multiplication.
  • The morphism M_i applied to the data in step 20 is an invertible morphism as defined above, for example an endomorphism, whose inverse is the morphism M_i^{-1} applied in step 24.
  • The data D_i obtained at the end of step 24 are identical to the data that would have been obtained by applying only the operation O_i to the data D_{i-1}.
  • The morphisms M_i and their inverses M_i^{-1} used in the different protected operations OP_i differ from one another and are chosen at random.
  • Consequently the energy signature of the morphisms M_i cannot be analysed.
  • The morphisms M_i used are advantageously changed at each execution of the cryptographic algorithm, so that the energy signature of the algorithm differs at each execution, preventing any statistical analysis of this signature.
  • Each morphism M_i is then chosen at random before the execution of the operation O_i, for example by drawing it at random from a database of pre-established morphisms, or by determining new morphisms as the algorithm executes.
  • The morphisms M_i are, for example, Frobenius morphisms, defined on a ring E of characteristic p > 0 by frob_E : x ↦ x^p, or any morphism derived from the Frobenius morphism.
  • The ring E is then, for example, an extension of degree k ≥ 2 of a Galois field, denoted GF(p^k).
  • A Galois field, denoted GF(p), is defined as the set of integers modulo p, also denoted Z/pZ, p being a prime number. In GF(p) itself, x^p = x for every element x, so the Frobenius morphism reduces to the identity there.
  • The ring morphisms M_i can also be homomorphic ciphers, that is, encryption operations having the same properties as a morphism and depending on a key Ks.
  • The homomorphic ciphers are advantageously fully homomorphic ciphers, as defined in "Fully Homomorphic Encryption Using Ideal Lattices", Gentry C., STOC 2009, pp. 169-178.
  • Such morphisms have algebraic properties substantially identical to those of field morphisms and can thus be considered ring morphisms.
  • Such morphisms preserve the whole structure of the starting set, ring or field, in particular the additive law XOR and the multiplicative law AND, and are invertible.
  • Such morphisms can thus be used when the operations O_i executed during the cryptographic algorithm are binary operations, for example XOR or AND operations, or operations derived from them.
  • Homomorphic ciphers preserving other types of operations (e.g. addition and/or multiplication) could also be used.
  • A homomorphic encryption also has the advantage of depending on a key Ks, hereinafter called the secondary key, since the encrypted data obtained at the end of the cryptographic algorithm do not depend on this key.
  • A homomorphic cipher can therefore be written as a function C(D_i, Ks) or, for a fixed key, as a function f(D_i) having the homomorphism properties described above.
  • The same homomorphic encryption function C can generate a very large number of different invertible morphisms f (of the order of 10^300) merely by changing the key Ks. In practice, a number of different keys of the order of 10^40 may be sufficient.
  • The morphisms M_i (and their inverses) used to protect the successive operations of a cryptographic algorithm can be chosen at random by using the same C for all the protected operations OP_i but drawing the key Ks of this cipher at random before each operation.
  • The morphisms M_i can also be merely homomorphic ciphers that preserve not both the additive and the multiplicative law but only one of them.
  • This may for example be RSA (Rivest Shamir Adleman) encryption, which preserves only multiplication.
  • Such morphisms M_i can thus be used when the operations O_i involve only one type of basic operation, for example only addition or only multiplication.
  • In another embodiment, the inverse morphism M_i^{-1} is not applied immediately after the operation O_i but only after several consecutive operations O_i, O_{i+1}, ...
  • One of the protected operations OP_i comprises the application of a homomorphism M_i to the data D_{i-1}, followed by the application of the operation O_i.
  • This protected operation OP_i is itself directly followed by the application of the operation O_{i+1} and then by the inverse morphism M_i^{-1}.
  • The operation O_{i+1} is thus applied to the image of the data D_i under the morphism M_i.
  • The morphisms used are not necessarily endomorphisms; they can be maps from a first ring E to a second ring F whose additive and multiplicative laws are advantageously different from those of the first ring E.
  • Such morphisms have the advantage of transposing the operations O_i into an algebraic space F different from the algebraic space E of the data D_i, which further increases the protection of the cryptographic algorithm. Indeed, in this embodiment an attacker cannot access the mathematical set in which the operations are performed, even with the help of advanced statistics on the energy signatures of the computations.
  • In another embodiment, the operations O_i and/or the morphisms M_i and M_i^{-1} are not carried out by computation but by means of lookup tables, which give access, without computation, to the result of an operation from the values of its input variables (the data D_i, for example).
  • Figure 5 thus illustrates two successive protected operations performed during the execution of a cryptographic algorithm according to this embodiment.
  • The processor 3 applies to the data D_0 the morphism M_1 and the operation O_1, without computation, by accessing a lookup table T_1 corresponding to the operation O_1 ∘ M_1, stored in the protected memory 7.
  • The processor 3 looks up the image O_1 ∘ M_1(D_0) of the input data under the combination of the morphism M_1 and the operation O_1.
  • The processor then applies to the data M_1(D_1) resulting from step OP_1 the inverse morphism M_1^{-1}, followed by the morphism M_2 and the operation O_2, by means of a single lookup table T_2 corresponding to the operation O_2 ∘ M_2 ∘ M_1^{-1}, stored in the protected memory 7.
  • The morphisms M_i and M_i^{-1} are maps from a first ring E to a second ring F different from E, transposing the operation O_i into an algebraic space different from the algebraic space E of the data D_{i-1}.
  • Such a transposition prevents a possible attacker from determining a linear relationship between the input data and the output data of the operations OP_i, and thus from deducing the operations O_i performed.
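A constructed toy instance of the scheme above, added here as an example and not part of the patent: it assumes E = GF(2^8) with the AES polynomial, Frobenius powers x ↦ x^(2^i) as the randomly chosen morphisms M_i, and a key-dependent multiply-and-add as O_i. It covers both the computed form (steps 20, 22, 24) and the lookup-table form of Figure 5 (T_1 = O_1 ∘ M_1, T_2 = O_2 ∘ M_2 ∘ M_1^{-1}), and adds one check a practitioner would want: how many distinct masked images a given data value can actually take, since subfield elements (0 and 1 in particular) are fixed by every Frobenius power.

```python
import secrets

# Constructed toy instance (added example, not the patent's own code).
# E = GF(2^8) built with the AES polynomial x^8 + x^4 + x^3 + x + 1;
# the morphisms M_i are powers of the Frobenius automorphism x -> x^2;
# the operations O_i are key-dependent ring operations. E = F throughout.

POLY = 0x11B   # reduction polynomial of GF(2^8)
DEG = 8        # extension degree k: frob has order 8, i.e. x^(2^8) = x

def gf_mul(a, b):
    """Multiplication in GF(2^8); the additive law of E is XOR."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= POLY
        b >>= 1
    return r

def frob(x, i):
    """M = frob^i : x -> x^(2^i), a ring automorphism of GF(2^8)."""
    for _ in range(i % DEG):
        x = gf_mul(x, x)
    return x

def frob_inv(x, i):
    """M^{-1} = frob^(8-i), because eight squarings are the identity."""
    return frob(x, DEG - (i % DEG))

def op(d, key, const):
    """One key-dependent operation O_i in E: d * key + const."""
    return gf_mul(d, key) ^ const

def protected_op(d, key, const, i=None):
    """OP_i: step 20 applies M_i (i drawn at random per execution), step 22
    applies O_i on the masked value, step 24 applies M_i^{-1}. The key
    material O_i depends on must travel through the same morphism, otherwise
    the unmasked result is not O_i(d)."""
    if i is None:
        i = secrets.randbelow(DEG - 1) + 1            # 1..7, never the identity
    y = op(frob(d, i), frob(key, i), frob(const, i))  # work only on M_i(d)
    return frob_inv(y, i)

def build_tables(ops, i1, i2):
    """Figure 5 variant: the processor evaluates neither M nor O but reads
    T1 = O1 o M1 and T2 = O2 o M2 o M1^{-1} from protected memory."""
    (k1, c1), (k2, c2) = ops
    T1 = [op(frob(d, i1), frob(k1, i1), frob(c1, i1)) for d in range(256)]
    T2 = [op(frob(frob_inv(m, i1), i2), frob(k2, i2), frob(c2, i2))
          for m in range(256)]
    return T1, T2

def table_chain(d0, ops, i1, i2):
    """T1 outputs M_1(D_1), T2 outputs M_2(D_2); a final M_2^{-1} gives D_2."""
    T1, T2 = build_tables(ops, i1, i2)
    return frob_inv(T2[T1[d0]], i2)

def distinct_images(d):
    """How many different masked values frob(d, i) can d take? Elements of the
    subfields GF(2), GF(4) and GF(16) have fewer than 8 conjugates; 0 and 1
    are fixed by every Frobenius power and are therefore never masked."""
    return len({frob(d, i) for i in range(DEG)})
```

Running `distinct_images` over all 256 field elements shows that only 240 of them take all eight masked values, which is the kind of coverage check to run before relying on this randomisation against statistical side-channel analysis.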

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Applications Claiming Priority (1)

Application number | Priority date | Filing date | Title
FR1059936A FR2968104B1 (fr) | 2010-11-30 | 2010-11-30 | Method and system for protecting a cryptography device

Publications (1)

Publication number | Publication date
EP2458776A1 (de) | 2012-05-30

Family

ID=45098993

Family Applications (1)

Application number | Status | Publication | Priority date | Filing date | Title
EP11306571A | Ceased | EP2458776A1 (de) | 2010-11-30 | 2011-11-28 | Method and system for protecting a cryptography device

Country Status (5)

Country | Link
US (1) | US8595513B2 (de)
EP (1) | EP2458776A1 (de)
JP (1) | JP2012129993A (de)
FR (1) | FR2968104B1 (de)
RU (1) | RU2011148528A (de)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104283673A (zh) * 2014-10-09 2015-01-14 Southeast University Random dynamic voltage regulation anti-attack method and circuit system for cryptographic circuit systems

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2012049679A (ja) * 2010-08-25 2012-03-08 Sony Corp Terminal device, server, data processing system, data processing method, and program
US8681973B2 (en) * 2010-09-15 2014-03-25 At&T Intellectual Property I, L.P. Methods, systems, and computer program products for performing homomorphic encryption and decryption on individual operations
US9230133B2 (en) * 2014-01-14 2016-01-05 International Business Machines Corporation Secure access for sensitive digital information
US9544150B2 (en) 2014-06-04 2017-01-10 International Business Machines Corporation Using multiple digital identification documents to control information disclosure
CN106716345A (zh) 2014-09-30 2017-05-24 Koninklijke Philips N.V. Electronic computing device for performing obfuscated arithmetic
CN107005399A (zh) * 2014-11-27 2017-08-01 Koninklijke Philips N.V. Electronic computing device for performing obfuscated arithmetic
JP6368051B2 (ja) 2014-12-12 2018-08-01 Koninklijke Philips N.V. Electronic generating device
EP3238366B1 (de) 2014-12-22 2019-03-13 Koninklijke Philips N.V. Electronic computing device
US9967333B2 (en) 2015-03-02 2018-05-08 Dell Products Lp Deferred configuration or instruction execution using a secure distributed transaction ledger
US9967334B2 (en) 2015-03-02 2018-05-08 Dell Products Lp Computing device configuration and management using a secure decentralized transaction ledger
US9965628B2 (en) 2015-03-02 2018-05-08 Dell Products Lp Device reporting and protection systems and methods using a secure distributed transactional ledger
US10484168B2 (en) * 2015-03-02 2019-11-19 Dell Products L.P. Methods and systems for obfuscating data and computations defined in a secure distributed transaction ledger
US10592985B2 (en) 2015-03-02 2020-03-17 Dell Products L.P. Systems and methods for a commodity contracts market using a secure distributed transaction ledger
US9760737B2 (en) 2015-06-12 2017-09-12 Qualcomm Incorporated Techniques for integrated circuit data path confidentiality and extensions thereof
US11270032B1 (en) 2018-12-27 2022-03-08 Thales E-Security, Inc. Tamper switch assembly and installation method thereof
US11764940B2 (en) 2019-01-10 2023-09-19 Duality Technologies, Inc. Secure search of secret data in a semi-trusted environment using homomorphic encryption

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090180611A1 (en) * 2008-01-15 2009-07-16 Atmel Corporation Representation change of a point on an elliptic curve

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
CHOW S ET AL: "A white-box DES implementation for DRM applications", 1 January 2003 (2003-01-01), pages 1-15, XP002462504 *
NIGEL P SMART: "An Analysis of Goubin's Refined Power Analysis Attack", CHES 2003, vol. 2779, 23 September 2003 (2003-09-23), pages 281-290, XP055005050 *

Also Published As

Publication number Publication date
RU2011148528A (ru) 2013-06-10
FR2968104A1 (fr) 2012-06-01
FR2968104B1 (fr) 2013-07-12
US20120163584A1 (en) 2012-06-28
US8595513B2 (en) 2013-11-26
JP2012129993A (ja) 2012-07-05

Similar Documents

Publication Publication Date Title
EP2458776A1 (de) Method and system for protecting a cryptography device
EP2380306B1 (de) Cryptography circuit protected against observation attacks, in particular higher-order ones
EP1769603B1 (de) Method and device for carrying out a cryptographic calculation
CN110363030A (zh) Method and processing device for performing lattice-based cryptographic operations
EP2893431B1 (de) Protection against side-channel attacks
EP3211823B1 (de) Method for the confidential execution of a data-processing program obfuscated by homomorphic encryption
EP1757009A1 (de) Method and device for carrying out a cryptographic calculation
EP2638660B1 (de) Protection against passive eavesdropping
WO2016187432A1 (en) Hiding a public key exchange in noise
EP3300292B1 (de) Encryption and decryption system protected against side-channel attacks
US20160285621A1 (en) Decoy bits method for direct encryption and key generation
FR2892583A1 (fr) Method for secure data transmission
FR2949886A1 (fr) Method for cryptographic processing of data
EP2509252A1 (de) Secured cryptographic calculation method, in particular against DFA and one-way attacks, and corresponding component
EP2936302B1 (de) Chaotic sequence generator
EP2599256B1 (de) Method and device for randomizing a secret key for protection against side-channel attacks
WO2006010692A2 (fr) Method for protecting a public-key algorithm in an electronic component
EP2738974A1 (de) Method for deriving multiple cryptographic keys from a master key in a security microprocessor
WO2013190015A1 (fr) Method for protecting a cryptography circuit against side-channel attacks and corresponding system
EP4270855A1 (de) Protection against side-channel attacks with quadratic masking
FR2949887A1 (fr) Method for cryptographic processing of data
EP2173056A1 (de) Countermeasures in an electronic component with a private-key cryptosystem
EP3579491A1 (de) Method for determining the modular inverse and corresponding cryptographic processing device

Legal Events

Code | Title | Description
PUAI | Public reference made under article 153(3) EPC to a published international application that has entered the European phase | Free format text: ORIGINAL CODE: 0009012
AK | Designated contracting states | Kind code of ref document: A1; Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR
AX | Request for extension of the European patent | Extension state: BA ME
17P | Request for examination filed | Effective date: 20121030
17Q | First examination report despatched | Effective date: 20130524
RAP1 | Party data changed (applicant data changed or rights of an application transferred) | Owner name: VERIMATRIX FRANCE SAS
STAA | Information on the status of an EP patent application or granted EP patent | Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED
18R | Application refused | Effective date: 20161215